Comment on Top 200 Most Common Passwords | NordPass
t3rmit3@beehaw.org 13 hours ago
But my question is, are these only “hacked” passwords? Because those who are not hacked, you don’t know what passwords they have. So this is a bit of bias here, right?
No, that’s not how these are obtained. Password dumps are from attackers breaching a site’s user database and dumping their credentials, usually by phishing administrators’ logins. Attackers aren’t brute-forcing passwords anymore except on a one-off, very rare basis. Here’s a list of publicly-known password dumps, and you can see details about where they came from: haveibeenpwned.com/PwnedWebsites
thingsiplay@beehaw.org 12 hours ago
Ah right, that makes sense. I know that site, but didn’t think of it. I know, not the smartest in the town.^^
I also wonder if people do more secure passwords for important services. Or do they treat it the same? My parents always used their birthday as a password, so they do not forget it. Which is not much more secure than 1234.
t3rmit3@beehaw.org 5 hours ago
In my experience, most people have at most 2-3 passwords, and some do choose a “more secure” one for things like banking and work. Very few people use a password manager.